Skip to content

TodoForNextVersion

Jump to bottom Edit New page
Oweoqi edited this page Mar 27, 2015 · 1 revision

Introduction

A little brainstorm list so I don't forget the important stuff.

Pain in the ass

  • Clean-up some dirty blocks.

Low hanging fruits

  • HTTP request counter for final scan statistics.
  • User-friendly EIY (Exploit It Yourself) output for found exploits.
  • Suggest the netcat commandline for pentestmonkeys shell.
  • Fix the damn timestamp.

Ideas by Charles Jones which should be added

Options

  • Please add to fimap option [-p TEST_PARAMETER] Testable parameter(s)
  • Please add to fimap [--plugin PLUGIN_AUTORUN] option to autorun exploit mode plugins when target is lfi vulnerability
  • Please add to fimap option [--post-parameter POST_TEST_PARAMETER] Testable parameter(s) by POST QUERY

Injection Techniques

  • fimap use Apache access logs, but what about error logs?
  • Please also add to fimap 1) ssh log, 2) ftp log, 3) mail log, 4) php session lfi injection тechniques

Database

  • Please add database support for store results, for example, sqllite database --database=SQLLITE_DATABASE_FILE
Add a custom footer
Add a custom sidebar
Clone this wiki locally